Subscribe: Slaw» David Canton
Added By: Feedage Forager Feedage Grade A rated
big data  business  canada  casl  computing  data  good  information  privacy  private action  spam  things  transport canada 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: Slaw» David Canton

David Canton – Slaw

Canada's online legal magazine

Last Build Date: Fri, 15 Dec 2017 18:19:28 +0000


I Was a Messenger Spoof Victim

Wed, 06 Dec 2017 18:22:17 +0000



A few days ago I returned to my office after a meeting to find emails and voicemails telling me that someone was sending facebook messenger messages pretending they were from me. The first message sent was an innocuous “Hello, how are you doing?” But if the recipient engaged it quickly turned into how I got a $300,000 government grant to pay off my bills, and tried to convince the recipient to send an email to “the agent in charge” to see if they were eligible. I suspect if followed through it would either ask for payment of a loan . . . [more]

CRTC Compufinder Decision Lowers CASL Spam Penalty

Wed, 15 Nov 2017 13:23:06 +0000

The CRTC recently released 2 CASL decisions on Compufinder. If this sounds familiar, it is because this is an appeal from an initial finding in 2015 that levied a $1.1 million penalty.

Compufinder took the position that CASL is unconstitutional. Many legal experts have questioned the ability of the Federal Government to pass this legislation. The CRTC decided that CASL is constitutional. But this is not the last word. Inevitably this will be argued in court. This decision is required reading for anyone who finds themselves in a position to challenge the act in the courts. Ironically, the delay . . . [more]

Will Quantum Computing Cause Encryption’s Y2K?

Wed, 25 Oct 2017 14:49:01 +0000

At the Can-Tech (formerly known as IT.Can) conference this week Mike Brown of Isara Corporation spoke about quantum computing and security. Within a few short years quantum computing will become commercially viable. Quantum computing works differently than the binary computing we have today. It will be able to do things that even today’s super computers can’t.

For the most part that is a good thing. The downside is that quantum computers will be able to break many current forms of encryption. So it will be necessary to update current encryption models with something different.

That may not be a simple . . . [more]

Cars and the Data They Share

Wed, 11 Oct 2017 14:50:07 +0000

Anyone interested in cars and the data they will increasingly collect should read the article in the November Automobile magazine titled The Big Data Boom – How the race to monetize the connected car will drive change in the auto industry.

It talks about how much data might be generated (4,000 GB per day), how that sheer volume will be handled, and how it might be monetized. And the challenges of cybersecurity and privacy.

Auto makers are well aware of the privacy issues. Challenges will include how to deal with privacy laws that vary dramatically around the world. Will . . . [more]

Canadian IT Law Association Annual Conference

Wed, 20 Sep 2017 13:10:30 +0000

I just signed up to attend the fall IT-Can conference, and thought the conference was worth mentioning. It is a consistent high quality conference for lawyers practicing in the IT/IP fields, and for others such as CIO’s.

Topics this year include fintech, quantum computing, blockchain and smart contracts, connected vehicles, big data, health care tech, cybersecurity, and control over online content.

Perhaps I’ll see you there in Toronto on Oct 23. . . . [more]

PIPEDA Privacy Breach Notification Regulations Published for Comment

Wed, 06 Sep 2017 13:00:20 +0000

The draft privacy breach regulations under PIPEDA have just been published. They are open for comment for 30 days.

These regulations detail the mechanics of notifying the Privacy Commissioner and individuals when there is a privacy breach. PIPEDA was amended some time ago to require mandatory notification when there is a breach that results in “real risk of significant harm”. Those provisions will come into force after the regulations are passed.

The draft regulations are about what were expected. They are similar to those under Alberta privacy legislation.

I agree with David Fraser’s view that section 4(a) that says notification . . . [more]

Artificial Intelligence and the Legal Profession

Wed, 30 Aug 2017 13:59:41 +0000


Artificial Intelligence is going to have a disruptive effect on the legal profession. The question is how soon, how much, and what areas of law come first. This kind of disruptive change builds up slowly, but once it hits a tipping point, it happens quickly.

Futurist Richard Worzel wrote an article titled Three Things You Need to Know About Artificial Intelligence that is worth a read. Here are some excerpts:

Every once in while, something happens that tosses a huge rock into the pond of human affairs. Such rocks include things like the discovery of fire, the invention of the . . . [more]

I’ve Got Nothing to Hide…

Wed, 16 Aug 2017 14:12:58 +0000

“I’ve got nothing to hide” is a common retort from people who are blasé about privacy. Their point is that they have done nothing wrong, so they don’t care how much of their information and habits are public.

The flaw in that retort is that information about us can be used in many ways and for many things that we might not expect. And things that we may think are normal and innocuous may be offensive to others who can make life difficult because of it. For example, the US Justice department is trying to get the names of over . . . [more]

Transport Canada Publishes Draft Drone Rules – Still Not Hobbyist Friendly

Wed, 26 Jul 2017 12:32:20 +0000

In March I wrote about Transport Canada’s overly restrictive drone rules. A few weeks ago they lightened those rules a bit.

Transport Canada just released draft permanent rules for comment. They propose a complex set of rules that vary among 5 different categories of drone. While the proposed rules will make commercial use a bit easier, they are not friendly to personal use.

MobileSyrup details the proposed rules and comments that: “The new rules, if approved, would dramatically reduce the paperwork burden on both Transport Canada and commercial drone operators, but they would also increase the costs for all . . . [more]

Feds Crack Down on Use of Word “banking” by Non-Banks

Wed, 05 Jul 2017 12:37:43 +0000

OSFI just issued an advisory threatening to bring criminal sanctions against non-banks that use the words “bank”, “banker”, or “banking”. Their cover note gives specific dates by which use must stop. This derives from section 983 of the Bank Act, which says in part that a non-bank can’t use: “… the word “bank”, “banker” or “banking” to indicate or describe a business in Canada or any part of a business in Canada…”. Examples given of improper use include: “Come do your banking with us”, “Automated Banking Machine”, “Bank Accounts”, “Better Banking”, and “Mobile Banking”. It also says they can’t advertise . . . [more]

Supreme Court of Canada Overrides Forum Clause in Facebook Agreement

Wed, 28 Jun 2017 13:18:31 +0000

The Supreme Court of Canada has decided that a British Columbia privacy class action may proceed against Facebook in the courts of BC, despite the contract naming California as the forum for legal actions.

My personal view is that in business to consumer contracts, if a court decides that a local law is important enough, or if the actions of the business offends local sensibilities, it will find a way to apply local laws and hear the case. This Douez v Facebook decision will be relevant for any future actions in Canada that question the applicability of portions of online . . . [more]

CASL Private Right of Action Suspended – but CASL Is Still Here

Wed, 14 Jun 2017 12:43:17 +0000

The Canadian government has suspended the CASL private right of action that was to have come into force on July 1. The private right of action (most likely in the form of class actions) would have allowed people to sue anyone for sending spam. Or more accurately for those who violated the technical provisions of CASL.

This is a welcome move. But while we can breathe a sigh of relief that this remedy is gone, CASL still remains in force and must be complied with.

The government’s press release said:

Canadians deserve an effective law that protects them from spam . . . [more]

Ransomware – Fix It Before You Wanna Cry

Wed, 31 May 2017 14:30:41 +0000

The WannaCry ransomware attack of almost 3 weeks ago may be a fading memory – but we can’t forget how important it is to protect our computer systems. This is true no matter what kind of business or organization you are.

This video does a good job of summarizing what happened.

The bottom line is that there are some basic things everyone needs to do to reduce the chances of ransomware or malware affecting us. Unfortunately not everyone does these simple things.

They include:

  • Keeping software and patches up to date
  • Upgrade operating systems before support ends (that means you
. . . [more]

Self Driving Cars – Privacy Points to Ponder

Wed, 10 May 2017 13:39:10 +0000

Cars collect a significant amount of information about our driving. That data will increase dramatically as we move to autonomous vehicles – and with more data comes more ways to use it.

This information can be used now to find fault in an accident or convict us of driving offences. Some insurance companies offer discounts if we share that data with them and they decide we are a safe driver.

Cars increasingly rely on electronic systems for safety features, and self driving cars are coming. They will increasingly collect and store data about not just the car itself but also . . . [more]

CASL Class Actions Are Looming

Wed, 26 Apr 2017 12:41:47 +0000

The private right of action for sending spam in violation of CASL comes into force on July 1. Many companies are dreading it – some class action lawyers can’t wait. The right thing for the government to do would be to completely scrap CASL – the statute is that bad and ill-conceived. But wishful thinking won’t make it go away.

At the moment, CASL violators are subject to enforcement proceedings by the CRTC. But after July 1, those who have been spammed in violation of CASL can sue the sender. Here are some things to keep in mind about the . . . [more]

Lessons From the United Passenger “re-accommodation”

Wed, 12 Apr 2017 12:47:15 +0000

The recent United Airlines incident where a passenger was dragged off the plane because United wanted the seat for a United employee is a good reminder of some social media realities.

The obvious lesson is to not bloody your passengers and drag them off your plane. Or that just because you have the right to do something, doesn’t mean it’s the right thing to do.

But sometimes bad stuff happens. And often someone is there to record and publish it for the world to see.

When that happens, the social media / public relations lesson is to not react in . . . [more]

Did Transport Canada Just Ground the Canadian Hobbyist Drone Market?

Wed, 22 Mar 2017 13:02:42 +0000

Transport Canada just put in force an order regarding the recreational use of model aircraft, enforceable by a $3,000 fine. Details are in the graphic below and on the Transport Canada Web site.

Operation of a drone over 35 kg, or for commercial use, has not changed, and still requires a Special Flight Operations Certificate.

Restrictions on flying near airports and aircraft are understandable.

But you can’t operate a model aircraft “at a lateral distance of less than 250 feet (75m) from buildings, structures, vehicles, vessels, animals and the public including spectators, bystanders or any person not associated with . . . [more]

Researchers Play Along With “Tech Support” Scam Calls

Wed, 15 Mar 2017 13:08:26 +0000

Have you ever been tempted to play along with scammers that phone just to see where it goes and to give them some grief? Researchers at the State University of New York at Stony Brook did that and more.

They sought out scammers who claim to be from Microsoft or some sort of official tech support, and followed it through to see what happened. They set up virtual machines that looked like normal PC’s to the scammers who remote on, and let the scam play out.

This Wired article has more detail, including the paper that the researchers wrote, and . . . [more]

Privacy Commissioner Posts New Case Summaries

Wed, 01 Mar 2017 13:10:12 +0000

Privacy breaches and complaints can often be resolved cooperatively. We usually hear about the large, dramatic, far reaching breaches more so than the smaller ones that get resolved.

The privacy commissioner just released some examples.

In one example, a malfeasant social engineered some information from customer service representatives that enabled the malfeasant to contact customers and try to obtain more information that could be used for fraud. The business investigated, contacted the individuals who may have been compromised, and took steps to reduce the chances of it happening again.

In another situation, a rogue employee took customer information . . . [more]

Trump Administration to Roll Back Net Neutrality

Wed, 15 Feb 2017 13:53:13 +0000

In 2015 the US FCC took steps to prevent ISPs from discriminating against internet traffic. This is called Net Neutrality, which Wikipedia describes as “…the principle that Internet service providers and governments regulating the Internet should treat all data on the Internet the same, not discriminating or charging differentially by user, content, website, platform, application, type of attached equipment, or mode of communication.”

The gist of the concept is that the owner of the pipes shouldn’t be able to favour the delivery of its own content over content provided by others.

At the risk of oversimplifying this, net neutrality is . . . [more]

Trump’s Executive Order on Foreigners Strips Privacy Protection for Canadians

Wed, 01 Feb 2017 11:12:21 +0000

Included in Trump’s reprehensible executive order “Enhancing Public Safety in the Interior of the United States” was this:

Sec. 14. Privacy Act. Agencies shall, to the extent consistent with applicable law, ensure that their privacy policies exclude persons who are not United States citizens or lawful permanent residents from the protections of the Privacy Act regarding personally identifiable information.

The Privacy Act covers personal information held by US Federal agencies. This would apply, for example, to information collected about Canadians entering the United States.

This should be attracting the wrath of the Canadian privacy commissioner and the Canadian . . . [more]

The End of Cloud Computing

Wed, 25 Jan 2017 13:54:01 +0000

That’s the title of a 25 minute video that is worth watching if you have an interest in where computing is going.

Don’t panic if you have just decided to do more of you business computing in the cloud. That isn’t going away any time soon.

It means that we will see more edge or fog computing. Some of the computation that now happens in the cloud will increasingly happen at the edge of the network. That might be in IOT devices, our phones, cars, or Alexa type devices. Think of it as a return to distributed computing. Peer to . . . [more]

10 Things to Watch for at the Intersection of Tech and Law in 2017

Wed, 04 Jan 2017 13:40:41 +0000

  • CASL, Canada’s anti-spam legislation, has been with us since July 2014. It’s a terrible piece of legislation for many reasons. In July 2017 a private right of action becomes effective that will allow anyone who receives spam as defined by CASL to sue the sender. CASL sets out statutory damages, so the complainant does not have to prove any damages. Class actions will no doubt be launched. The sad part is that breaches of CASL are to a large extent breaches of the very technical requirements of the statute, rather than the sending of what most people would call spam.
  • . . . [more]

    Even Santa Needs to Get It in Writing

    Wed, 07 Dec 2016 14:42:36 +0000

    A Toronto mall and its former “Fashion Santa” are having a snowball fight over the character. The mall hired a new Fashion Santa this year instead of the person who played the role before. The dispute is over who owns the character and name. They even have duelling trademark applications for Fashion Santa.

    In the end it comes down to the facts (including whether the individual is an employee or an independent contractor, and who developed the character) and the nature of any agreement that might exist.

    While disputes over public characters makes for good press, this kind of . . . [more]

    SCC Renders Practical Privacy Decision on Mortgage Information

    Wed, 23 Nov 2016 13:38:33 +0000

    The Supreme Court of Canada, in Royal Bank v Trang, made a privacy decision that will bring a sigh of relief to lenders and creditors.

    A judgment creditor asked the sheriff to seize and sell a house to satisfy the judgment. To do that, the sheriff needed to know how much was owed on the mortgage on the house. The mortgage lender didn’t have express consent to provide the information, and said PIPEDA prevented it from giving it. Lower courts agreed.

    But the SCC took a more practical approach. The issue was whether there was implied consent to release . . . [more]

    Big Data Privacy Challenges

    Wed, 26 Oct 2016 15:26:00 +0000

    Big data and privacy was one of the topics discussed at the Canadian IT Law Association conference this week. Some of the issues worth pondering include:

    • Privacy principles say one should collect only what you need, and keep only as long as needed. Big data says collect and retain as much as possible in case it is useful.
    • Accuracy is a basic privacy principle – but with big data accuracy is being replaced by probability.
    • A fundamental privacy notion is informed consent for the use of one’s personal information. How do you have informed consent and control for big data
    . . . [more]

    Should Lawyers Learn to Code?

    Wed, 19 Oct 2016 14:46:04 +0000

    There have been many articles written suggesting that lawyers should learn how to code software. This Wolfram Alpha article is a good one, although many of the articles are far more adamant that every lawyer needs to learn how to code. The rationale is that because software will have an increasing effect on how lawyers practice, and who will be competing with us to provide our services, we should learn to code.

    So should we learn how to code? For most lawyers, probably not.

    I knew how to code before law school, and for me it has been very useful. . . . [more]

    AI First Is Taking Over From Mobile First

    Wed, 05 Oct 2016 12:49:20 +0000

    Google debuted new hardware on Tuesday – including new Pixel phones, and an Amazon Echo competitor called Google Home. A key thread to all this is their new Google Assistant replacement for Google Now. (Similar to Apple’s Siri and Microsoft’s Cortana.)

    But the most noteworthy part is their comment that we are switching from Mobile First to AI first. Over the past few years websites and online services have increasingly needed to be mobile friendly, so people can do what they want from whatever screen happens to be in front of them. Advances in artificial intelligence are going to put . . . [more]

    Media Files:

    Cloud Computing: It’s All Good – or Mostly Good

    Wed, 21 Sep 2016 13:19:30 +0000

    A ZDNet article entitled Cloud computing: Four reasons why companies are choosing public over private or hybrid clouds makes a case for the value of the public cloud.

    The reasons:

    • Innovation comes as standard with the public cloud
    • Flexibility provides a business advantage
    • External providers are the experts in secure provision
    • CIOs can direct more attention to business change

    This is all good – or mostly good.

    The caveat is that the use of the cloud can fail if a business adopts the cloud without thinking it through from the perspectives of mission criticality, security, privacy, and continuity. If a . . . [more]

    CASL Still Confusing

    Wed, 14 Sep 2016 14:47:04 +0000

    CASL, the Canadian anti-spam legislation, came into force on July 1, 2014. July 1, 2017 will be an important date for CASL, as a private right of action will become available. Anyone (class actions are likely) will be able to sue CASL violators. Statutory damages means that it won’t be necessary to prove actual damages.

    CASL is a complex, illogical statute. Many businesses don’t comply because they don’t think emails they send could possibly be considered spam. After all, spam is about illicit drugs, diets and deals scams, right? Not according to CASL.

    Nor do they understand they must keep . . . [more]